Cross-Site Scripting Vulnerability in SPIP Article Module by SPIP
CVE-2024-53620

Currently unrated

Key Information:

Vendor

SPIP

Vendor
CVE Published:
26 November 2024

What is CVE-2024-53620?

A vulnerability in the Article module of SPIP v4.3.3 permits authenticated users to exploit cross-site scripting (XSS) flaws. By injecting a malicious payload into the Title parameter, attackers can run arbitrary scripts on users' browsers, potentially compromising sensitive information or redirecting users to malicious websites.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.